| |
mark :: blog
What a busy couple of days. It all started last month
with a seemingly innocent DOS being reported to the Apache
security team. jorton and I spent some
time analysing it and found that although it wasn't
exploitable on 32 bit until platforms it may well be
exploitable on some 64 bit machines. Then started the co-
ordination work with CERT.
Then, suddenly, the ISS team announced the same issue
publically causing us to go into firefighting mode and
release the advisory (which I'd fortunately already
drafted and got positive feedback on), followed by
seemingly hundreds of press calls, lots of additional
analysis, and reading ISS say I was untrustworthy in some
Chicago newspaper ;-)
Now for some sleep
Created: 19 Jun 2002
Tagged as: apache, security
0 comments
(new comments disabled)
|
|
|
Hi! I'm Mark Cox. This blog gives my
thoughts and opinions on my security
work, open source, fedora, home automation,
and other topics.
pics from my twitter:
popular tags:
[all],
apache,
apachecon,
apacheweek,
cve,
cvss,
fedora,
financial,
geocaching,
ha,
metrics,
microsoft,
nashville,
north carolina,
red hat summit,
redhat,
security,
trips
|
|
